#!/bin/bash

# File names
PRIVATE_KEY_FILE="ed25519-private.pem"
PUBLIC_KEY_FILE="ed25519-public.pem"

# Generate private key
openssl genpkey -algorithm Ed25519 -out "$PRIVATE_KEY_FILE"
if [ $? -ne 0 ]; then
  echo "❌ Failed to generate private key"
  exit 1
fi

# Extract public key
openssl pkey -in "$PRIVATE_KEY_FILE" -pubout -out "$PUBLIC_KEY_FILE"
if [ $? -ne 0 ]; then
  echo "❌ Failed to extract public key"
  exit 1
fi

# Function to convert PEM to one-liner with \n
format_pem_for_env() {
  awk '{printf "%s\\n", $0}' "$1"
}

# Output .env formatted variables
echo "✅ Keys generated. Add the following to your .env file:"
echo ""
echo "PRIVATE_KEY=\"$(format_pem_for_env $PRIVATE_KEY_FILE)\""
echo ""
echo "PUBLIC_KEY=\"$(format_pem_for_env $PUBLIC_KEY_FILE)\""
echo ""
echo "ALGORITHM=EdDSA"

rm -f "$PRIVATE_KEY_FILE" "$PUBLIC_KEY_FILE"
echo "Temporary key files removed."
echo "Done."